package com.graduation.roombooking.controller.web;

import com.graduation.roombooking.service.IUserActionService;
import com.graduation.roombooking.service.UserService;
import com.graduation.roombooking.vo.RespBean;
import com.graduation.roombooking.vo.RespBeanEnum;
import com.graduation.roombooking.vo.UpdateActionVo;
import com.graduation.roombooking.vo.UserVo;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * @Author:CaiShuangLian
 * @FileName:
 * @Date:Created in  2022/5/1 0:20
 * @Version:
 * @Description:TODO
 */
@RestController
@RequestMapping("/web/action")
@Api(tags = "系统管理员——权限模块")
public class WebActionController {

    @Autowired
    private UserService userService;
    @Autowired
    private IUserActionService userActionService;


    @ApiOperation("05/01:更改用户权限")
    @ResponseBody
    @PostMapping("/update")
    public RespBean updateUserAction(@RequestBody UpdateActionVo updateActionVo, HttpServletRequest request, HttpServletResponse response){
        String ticket=updateActionVo.getTicket();
        if(ticket !=null && !ticket.isEmpty()){
            //根据cookie获取用户信息
            UserVo userVo=userService.getUserByCookie(ticket,request,response);
            if(null!=userVo){
                //判断是否有权限操作
                String action=userVo.getAction();
                switch (action){
                    case "organization_administrator":
                        //组织管理员更改权限
                        if(updateActionVo.getAction().equals("system_administrator"))
                        {
                            return RespBean.error(RespBeanEnum.NO_OPERATION_PERMISSION,"无法越级更改权限，请查看自己的权限");
                        }else if(updateActionVo.getAction().equals("organization_administrator")||updateActionVo.getAction().equals("organization_member")){
                            //只能更改本部门用户的权限
                            return userActionService.updateUserAction(userVo.getCompanyName(),updateActionVo.getPhone(),updateActionVo.getAction());
                        }
                    case "system_administrator":
                        //系统管理员更改权限
                        return userActionService.updateUserAction("root",updateActionVo.getPhone(),updateActionVo.getAction());
                    default:
                        return RespBean.error(RespBeanEnum.NO_OPERATION_PERMISSION,"非管理员无法修改权限");
                }
            }
        }
        return RespBean.error(RespBeanEnum.ILLEGAL_OPERATION);
    }

}
